Hello,
We are increasingly using tokens in our projects (from admin to project tokens). However, since version 16 of GitLab, there has also been a limit on how long a token can be valid.
Although it is possible to rotate the tokens via the GitLab API, there are also restrictions there, which of course make sense.
In its blog post, GitLab suggests using a service account. However, since this feature falls under Premium, I'm not sure what the best strategy is for people like me.
To put it into context, this is roughly what is done with the tokens:
We use some scripts that automate the process within GitLab. We have a script that sorts specific groups of people into a group.
But we also have processes where the deployment of an app is mapped and consists of various downstream pipelines.
In any case, with the number of tokens we use, manual refreshing is unreasonable in my view. And, as far as I know, rotating all the tokens with one admin account is not actually intended.
How do you do that? Do you try to avoid using tokens whenever possible?